Getting pwn'd by AI: Penetration Testing with Large Language Models

The field of software security testing, more specifically penetration testing, is an activity that requires high levels of expertise and involves many manual testing and analysis steps. This paper explores the potential usage of large-language models, such as GPT3.5, to augment penetration testers with AI sparring partners. We explore the feasibility of supplementing penetration testers with AI models for two distinct use cases: high-level task planning for security testing assignments and low-level vulnerability hunting within a vulnerable virtual machine. For the latter, we implemented a closed-feedback loop between LLM-generated low-level actions with a vulnerable virtual machine (connected through SSH) and allowed the LLM to analyze the machine state for vulnerabilities and suggest concrete attack vectors which were automatically executed within the virtual machine. We discuss promising initial results, detail avenues for improvement, and close deliberating on the ethics of providing AI-based sparring partners

Queueing systems with different types of renovation mechanism and thresholds as the mathematical models of active queue management mechanism

This article is devoted to some aspects of using the renovation mechanism (different types of renovation are considered, definitions and brief overview are also given) with one or several thresholds as the mathematical models of active queue management mechanisms. The attention is paid to the queuing systems in which a threshold mechanism with renovation is implemented. This mechanism allows to adjust the number of packets in the system by dropping (resetting) them from the queue depending on the ratio of a certain control parameter with specified thresholds at the moment of the end of service on the device (server) (in contrast to standard RED-like algorithms, when a possible drop of a packet occurs at the time of arrivals of next packets in the system). The models with one, two and three thresholds with different types of renovation are under consideration. It is worth noting that the thresholds determine not only from which place in the buffer the packets are dropped, but also to which the reset of packets occurs. For some of the models certain analytical and numerical results are obtained (the references are given), some of them are only under investigation, so only the mathematical model and current results may be considered. Some results of comparing classic RED algorithm with renovation mechanism are presented.Работа посвящена некоторым аспектам использования механизма обновления (различные варианты обновления рассмотрены, определения и краткий обзор представлены) с одним или несколькими порогами в качестве математических моделей механизмов активного управления очередями. Описаны системы массового обслуживания, в которых реализован механизм обновления с порогами, позволяющий управлять числом заявок в системе путем их сброса из накопителя в зависимости от значения некоторого управляющего параметра и пороговых значений. Сброс заявок из накопителя происходит в момент окончания обслуживания заявки на приборе, что отличает данный механизм сброса от RED-подобных алгоритмов, для которых сброс возможен в момент поступления в систему. Представлены модели с одним, двумя или тремя порогами. В этих моделях пороговые значения определяют не только место, с которого в накопителе начинается сброс заявок, но и до какой позиции заявки могут быть сброшены. Для некоторых из описываемых моделей уже получены аналитические и численные результаты (ссылки на работы представлены), но большая часть моделей находится в процессе изучения, поэтому представлены только описания и некоторые текущие данные. Приведены некоторые результаты сравнения классического алгоритма RED с механизмом обновления

Senior Computer Science Students’ Task and Revised Task Interpretation While Engaged in Programming Endeavor

Developing a computer program is not an easy task. Studies reported that a large number of computer science students decided to change their major due to the extreme challenge in learning programming. Fortunately, studies also reported that learning various self-regulation strategies may help students to continue studying computer science. This study is interested in assessing students’ self-regulation, in specific their task understanding and its revision during programming endeavors. Task understanding is specifically selected because it affects the entire programming endeavor. In this qualitative case study, two female and two male senior computer science students were voluntarily recruited as research participants. They were asked to think aloud while answering five programming problems. Before solving the problem, they had to explain their understanding of the task and after that answer some questions related to their problem-solving process. The participants’ problem-solving process were video and audio-recorded, transcribed, and analyzed. This study found that the participants’ were capable of tailoring their problem-solving approach to the task types, including when understanding the tasks. Given enough time, the participants can understand the problem correctly. When the task is complicated, the participants will gradually update their understanding during the problem-solving endeavor. Some situations may have prevented the participants from understanding the task correctly, including overconfidence, being overwhelmed, utilizing an inappropriate presentation technique, or drawing knowledge from irrelevant experience. Last, the participants tended to be inexperienced in managing unfavorable outcomes

Towards efficient battery swapping service operation under battery heterogeneity

The proliferation of electric vehicles (EVs) has posed significant challenges to the existing power grid infrastructure. It thus becomes of vital importance to efficiently manage the Electro-Mobility for large demand from EVs. Due to limited cruising range of EVs, vehicles have to make frequent stops for recharging, while long charging period is one major concern under plug-in charging. We herein leverage battery swapping (BS) technology to provide an alternative charging service, which substantially reduces the charging duration (from hours down to minutes). Concerning in practice that various battery is generally not compatible with each other, we thus introduce battery heterogeneity into the swapping service, concerning the case that different types of EVs co-exist. A battery heterogeneity-based swapping service framework is then proposed. Further with reservations for swapping service enabled, the demand load can be anticipated at BS stations as a guidance to alleviate service congestion. Therefore, potential hotspots can be avoided. Results show the performance gains under the proposed scheme by comparing to other benchmarks, in terms of service waiting time, etc. In particular, the diversity of battery stock across the network can be effectively managed

Advanced flight control system study

The architecture, requirements, and system elements of an ultrareliable, advanced flight control system are described. The basic criteria are functional reliability of 10 to the minus 10 power/hour of flight and only 6 month scheduled maintenance. A distributed system architecture is described, including a multiplexed communication system, reliable bus controller, the use of skewed sensor arrays, and actuator interfaces. Test bed and flight evaluation program are proposed

Foxconned labour as the dark side of the information age: Working conditions at Apple’s contract manufacturers in China

Apple is one of the most dominant and most admired computer companies in the world. But hidden behind the clean surface of Apple’s advanced gadgets lies a dirty world of work. This paper focuses on the dark side of the information age by looking at working conditions in the workshops of Apple’s contract manufacturers in China. For this purpose I suggest a systematic model of working conditions that can be used for assessing and comparing work in different industries. Departing from Karl Marx’s circuit of capital it identifies elements that shape working conditions throughout the capital accumulation process including productive forces, relations of production, the production process, products, and labour legislation. Subsequently I apply this model to the realm of electronics manufacturing. Based on research conducted by corporate watchdogs this paper provides detailed insights into the work and life reality of workers in Apple’s first tier supplier factories. An analysis of Apple’s response to labour rights allegations furthermore reveals three ideological patterns that rather obscure existing problems than offering viable solutions

Natural stone sludge as secondary raw materials: towards a new sustainable recovery process

L'abstract è presente nell'allegato / the abstract is in the attachmen

2012 XSEDE User Satisfaction Survey

This is the final report from the 2012 XSEDE User Satisfaction Survey.National Science Foundation OCI-1053575Ope

E-SCAPE New tools and new opportunities for the localization of Expo 2015 general interest services along the Canale Cavour, a backbone of the Milan-Turin urban region

Publication of the Alta Scuola Politecnica project "E-SCAPE. New tools and new opportunities for the localization of Expo 2015 general interest services along the Canale Cavour, a backbone of the Milan-Turin urban region